package com.mall.huohuo.openapi.config.auth;


import com.mall.huohuo.common.security.SecurityUtils;
import com.mall.huohuo.common.domain.HuohuoUser;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import java.util.HashSet;
import java.util.Set;

/**
 * jwt
 */
@Slf4j
public class JwtRealm extends AuthorizingRealm {

//    @Autowired
//    private UserService userService;
//    @Autowired
//    private RoleUserService roleUserService;
//    @Autowired
//    private RolePermissionService rolePermissionService;
//    @Autowired
//    private PermissionService permissionService;

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof JwtToken;
    }

    /**
     * token校验
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        JwtToken jwtToken = (JwtToken) authenticationToken;

        String token = String.valueOf(jwtToken.getPrincipal());
        final HuohuoUser huohuoUser = getUserFromToken(token);
//        UserEntity userEntity = userService.getById(mgUser.getId());
//
//        if (userEntity == null) {
//            log.warn("用户不存在,id:" + huohuoUser.getId());
//            throw new AuthenticationException("用户不存在。");
//        }

        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(token, token, getName());
        return authenticationInfo;
    }

    /**
     * 用户的权限
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String token = principals.getPrimaryPrincipal().toString();
        final HuohuoUser huohuoUser = getUserFromToken(token);

//        List<String> roles = userService.listRoles(mgUser.getId());

//        Set<String> roleSet=new HashSet<>(roles);
        Set<String> roleSet=new HashSet<>();

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setRoles(roleSet);

        return authorizationInfo;

    }


    private HuohuoUser getUserFromToken(String token) {
        return SecurityUtils.getUserByAccessToken(token);
    }

//   @Override
//    public boolean isPermitted(PrincipalCollection principals, String permission) {
//        MgUser mgUser = SecurityUtils.getUserByAccessToken((String)principals.getPrimaryPrincipal());
//        return mgUser.getAdmin() || super.isPermitted(principals, permission);
//    }

//    @Override
//    public boolean hasRole(PrincipalCollection principals, String roleIdentifier) {
//        MgUser mgUser = SecurityUtils.getUserByAccessToken((String)principals.getPrimaryPrincipal());
//        return mgUser.getAdmin() || super.hasRole(principals, roleIdentifier);
//    }
}
